Saturday, April 12, 2014

How to Crack Windows 8 Picture Password and Pin Code Instantly

In this tutorial we'll show you how to crack Windows 8 picture password and pin code, without brute-forcing them. Both Pin code and Picture Password are authentication methods based on a local user account. During setting up a Pin code or Picture Password, you'll be prompted to enter the traditional text-based password. The problem is that Windows 8 will then store your Pin code / Picture password as well as the original text password in plain text.

Windows 8 Sign-in Options

Mimikatz is a free open-source tool to recover this plain-text password, it saves you time and power needed to brute force a 16 character NT/LM password during pen-testing or tech work. Follow this tutorial and you can recover Windows 8 Pin code and Picture Password in no time.

Note: Mimikatz needs admin privileges to work properly. If you couldn't log on to Windows 8 as administrator, you can reset the forgotten local administrator password or Microsoft account password with PCUnlocker Live CD/USB drive.

How to Recover Windows 8 Picture Password and Pin Code?

 

  1. Download the Mimikatz tool (mimikatz_trunk.zip) from Benjamin Delpy’s blog. Decompress the zip file and you'll then find that the tool has both 32-bit and 64-bit versions – make sure you pick the correct version.
  2. Right-click on the Mimikatz.exe file and select Run as administrator from the context menu.
  3. You'll be provided with an interactive prompt that allows you to perform a number of different commands. Firstly we'll need to enable debug mode with the privilege::debug command:
    privilege::debug
  4. Next run the token::elevate command to elevate your privilege to NT Authority\SYSTEM.
    token::elevate
    Mimikatz
  5. Execute the following command and it will quickly extract all types of plain-text passwords from Windows Vault, including Pin code, Picture Password and traditional text password.
    vault::list
    Recover Windows 8 Pin Code and Picture Password
If you use a Microsoft account to log on to Windows 8 and then switch to a Picture Password or a Pin, the Mimikatz tool will be able to dump your Microsoft account password as well. This is the first critical security flaw in Windows 8/8.1 that has already been discovered.

No comments:

Post a Comment